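/// <summary>
/// Queries the OCSP responders listed in the certificate's Authority Information Access (AIA)
/// extension and returns the first definitive revocation answer.
/// </summary>
/// <param name="certificate">Certificate whose revocation status is requested.</param>
/// <param name="issuer">Issuer certificate, handed unchanged to the per-responder overload.</param>
/// <returns>
/// The first response whose status is VALID or REVOKED. If the certificate has no AIA extension,
/// lists no usable OCSP location, or no responder gives a definitive answer, a response with
/// status UNKNOWN is returned.
/// </returns>
/// <remarks>
/// UNKNOWN means "not verified"; a caller that gates trust on this result must not treat it as VALID.
/// The responder address is read from the certificate being checked, so it is only as trustworthy as
/// that certificate. NOTE(review): the overload that contacts the responder is not visible here;
/// confirm that it restricts schemes and destinations, applies timeouts, and verifies the signature
/// on the OCSP response.
/// </remarks>
public ValidationResponse ValidateCertificate(X509Certificate2 certificate, X509Certificate2 issuer)
{
    Org.BouncyCastle.X509.X509Certificate certificateBC = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate(certificate);

    try
    {
        // 1.3.6.1.5.5.7.1.1 is id-pe-authorityInfoAccess.
        var aiaExtension = certificateBC.GetExtensionValue(new DerObjectIdentifier("1.3.6.1.5.5.7.1.1"));
        if (aiaExtension == null)
        {
            // A certificate without AIA is an expected case; handle it explicitly rather than
            // relying on a NullReferenceException.
            return new ValidationResponse(ValidationExtensions.Enums.CertificateStatus.UNKNOWN);
        }

        // The extension value is an OCTET STRING wrapping the AIA SEQUENCE. Parsing the octets once
        // is enough; the earlier re-encode and second parse through an undisposed stream added nothing.
        Asn1Sequence accessDescriptions = (Asn1Sequence)Asn1Object.FromByteArray(aiaExtension.GetOctets());

        foreach (Asn1Encodable entry in accessDescriptions)
        {
            AccessDescription aiaEntry = AccessDescription.GetInstance(entry.ToAsn1Object());
            if (aiaEntry.AccessMethod.Id != AccessDescription.IdADOcsp.Id)
            {
                continue;
            }

            Console.Out.WriteLine(aiaEntry.AccessLocation.ToString());

            GeneralName gn = aiaEntry.AccessLocation;
            if (gn.TagNo != GeneralName.UniformResourceIdentifier)
            {
                // Only a URI can name an OCSP responder; other GeneralName forms are skipped
                // instead of being stringified and passed on as if they were a URL.
                continue;
            }

            ValidationResponse validationResponse = ValidateCertificate(certificate, issuer, gn.Name.ToString());
            if ((validationResponse.status == ValidationExtensions.Enums.CertificateStatus.VALID)
                || (validationResponse.status == ValidationExtensions.Enums.CertificateStatus.REVOKED))
            {
                return validationResponse;
            }
        }
    }
    catch (NullReferenceException)
    {
        // Kept for backward compatibility: a null dereference further down (malformed entry,
        // or inside the per-responder overload) still degrades to UNKNOWN as it did before.
    }

    return new ValidationResponse(ValidationExtensions.Enums.CertificateStatus.UNKNOWN);
}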
/// <summary>
/// Selects the delta CRLs that belong to a given complete CRL.
/// </summary>
/// <param name="currentDate">Date passed to the CRL lookup.</param>
/// <param name="paramsPKIX">PKIX parameters passed to the CRL lookup.</param>
/// <param name="completeCRL">Complete CRL for which delta CRLs are wanted.</param>
/// <returns>The CRLs found by the lookup for which <c>isDeltaCrl</c> returns true.</returns>
/// <exception cref="Exception">
/// Thrown, wrapping the original error, when the issuer, the CRL number extension or the
/// issuing distribution point extension cannot be read from <paramref name="completeCRL"/>.
/// </exception>
/// <remarks>
/// This method only selects candidates; no signature check on the returned CRLs is visible here.
/// NOTE(review): when the complete CRL has no CRL number, both number bounds on the selector are
/// null. Presumably the selector then applies no number constraint; confirm.
/// </remarks>
internal static ISet GetDeltaCrls(DateTime currentDate, PkixParameters paramsPKIX, X509Crl completeCRL)
{
    X509CrlStoreSelector selector = new X509CrlStoreSelector();

    // Candidates must name the same issuer as the complete CRL.
    try
    {
        IList issuerNames = Platform.CreateArrayList();
        issuerNames.Add(completeCRL.IssuerDN);
        selector.Issuers = issuerNames;
    }
    catch (IOException issuerError)
    {
        throw new Exception("Cannot extract issuer from CRL.", issuerError);
    }

    // CRL number of the complete CRL; stays null when the extension is absent.
    BigInteger baseCrlNumber = null;
    try
    {
        Asn1Object crlNumberValue = PkixCertPathValidatorUtilities.GetExtensionValue(completeCRL, X509Extensions.CrlNumber);
        if (crlNumberValue != null)
        {
            baseCrlNumber = DerInteger.GetInstance(crlNumberValue).PositiveValue;
        }
    }
    catch (Exception crlNumberError)
    {
        throw new Exception("CRL number extension could not be extracted from CRL.", crlNumberError);
    }

    // DER encoding of the issuing distribution point; stays null when the extension is absent.
    byte[] idpEncoding = null;
    try
    {
        Asn1Object idpValue = PkixCertPathValidatorUtilities.GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint);
        if (idpValue != null)
        {
            idpEncoding = idpValue.GetDerEncoded();
        }
    }
    catch (Exception idpError)
    {
        throw new Exception("Issuing distribution point extension value could not be read.", idpError);
    }

    // A delta CRL must carry a number above the complete CRL's number.
    BigInteger minimumDeltaNumber = null;
    if (baseCrlNumber != null)
    {
        minimumDeltaNumber = baseCrlNumber.Add(BigInteger.One);
    }

    selector.MinCrlNumber = minimumDeltaNumber;
    selector.IssuingDistributionPoint = idpEncoding;
    selector.IssuingDistributionPointEnabled = true;
    selector.MaxBaseCrlNumber = baseCrlNumber;

    ISet candidates = PkixCertPathValidatorUtilities.CrlUtilities.FindCrls(selector, paramsPKIX, currentDate);

    // Keep only the candidates that really are delta CRLs.
    ISet deltaCrls = new HashSet();
    foreach (X509Crl candidate in candidates)
    {
        if (!PkixCertPathValidatorUtilities.isDeltaCrl(candidate))
        {
            continue;
        }

        deltaCrls.Add(candidate);
    }

    return deltaCrls;
}
/// <summary>
/// Writes the private key of <paramref name="container"/> to <paramref name="output"/> as a
/// PEM block labelled "PRIVATE KEY".
/// </summary>
/// <param name="container">Source of the key; encoded by <c>EncodePrivateKey</c>.</param>
/// <param name="output">Destination stream. It is closed when this method returns.</param>
/// <remarks>
/// Disposing the <see cref="StreamWriter"/> also closes <paramref name="output"/>, so the caller
/// cannot write to it afterwards.
/// No encryption is applied in this method. NOTE(review): "PRIVATE KEY" is the RFC 7468 label
/// for an unencrypted PKCS #8 structure; confirm what <c>EncodePrivateKey</c> produces, and make
/// sure the destination behind <paramref name="output"/> is access-restricted.
/// </remarks>
public void Export(Container container, Stream output)
{
    // Encode first, so an encoding failure leaves the caller's stream untouched and open.
    byte[] keyDer = EncodePrivateKey(container).GetDerEncoded();
    PemObject keyPem = new PemObject("PRIVATE KEY", keyDer);

    StreamWriter textOut = new StreamWriter(output);
    try
    {
        new PemWriter(textOut).WriteObject(keyPem);
    }
    finally
    {
        // Flushes the PEM text and closes the underlying stream.
        textOut.Dispose();
    }
}
/// <summary>
/// Builds an application-specific object around the DER encoding of <paramref name="obj"/>.
/// </summary>
/// <param name="isExplicit">
/// When true the complete DER encoding of <paramref name="obj"/> becomes the content; when false
/// the leading header is removed and only the remaining bytes are kept.
/// </param>
/// <param name="tag">Tag value stored for this object.</param>
/// <param name="obj">Object whose encoding supplies the content.</param>
public DerApplicationSpecific(bool isExplicit, int tag, Asn1Encodable obj)
{
    Asn1Object inner = obj.ToAsn1Object();
    byte[] encoding = inner.GetDerEncoded();

    this.isConstructed = Asn1TaggedObject.IsConstructed(isExplicit, inner);
    this.tag = tag;

    if (!isExplicit)
    {
        // Implicit tagging: drop the header, whose length GetLengthOfHeader reports.
        int headerLength = GetLengthOfHeader(encoding);
        int contentLength = encoding.Length - headerLength;

        byte[] content = new byte[contentLength];
        Array.Copy(encoding, headerLength, content, 0, contentLength);
        this.octets = content;
    }
    else
    {
        // Explicit tagging: the whole encoding, header included, is the content.
        this.octets = encoding;
    }
}
/**
 * Fetches delta CRLs according to RFC 3280 section 5.2.4
 * (RFC 3280 has since been obsoleted by RFC 5280).
 *
 * This method only selects candidate CRLs; no signature check on the
 * returned CRLs is visible here.
 *
 * @param currentDate The date for which the delta CRLs must be valid.
 * @param paramsPKIX The extended PKIX parameters.
 * @param completeCRL The complete CRL the delta CRLs are for.
 * @return A set of X509Crl objects, each of which passed isDeltaCrl.
 * @throws Exception if the issuer, the CRL number extension or the issuing
 *             distribution point extension cannot be read from the
 *             complete CRL; the original error is attached as the inner
 *             exception.
 */
internal static ISet GetDeltaCrls(
    DateTime currentDate,
    PkixParameters paramsPKIX,
    X509Crl completeCRL)
{
    X509CrlStoreSelector selector = new X509CrlStoreSelector();

    // 5.2.4 (a): same issuer as the complete CRL
    try
    {
        IList issuerNames = Platform.CreateArrayList();
        issuerNames.Add(completeCRL.IssuerDN);
        selector.Issuers = issuerNames;
    }
    catch (IOException issuerError)
    {
        throw new Exception("Cannot extract issuer from CRL.", issuerError);
    }

    // CRL number of the complete CRL; stays null when the extension is absent
    BigInteger baseNumber = null;
    try
    {
        Asn1Object numberValue = GetExtensionValue(completeCRL, X509Extensions.CrlNumber);
        if (numberValue != null)
        {
            baseNumber = CrlNumber.GetInstance(numberValue).PositiveValue;
        }
    }
    catch (Exception numberError)
    {
        throw new Exception(
            "CRL number extension could not be extracted from CRL.", numberError);
    }

    // 5.2.4 (b): issuing distribution point of the complete CRL, DER encoded
    byte[] idpEncoding = null;
    try
    {
        Asn1Object idpValue = GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint);
        if (idpValue != null)
        {
            idpEncoding = idpValue.GetDerEncoded();
        }
    }
    catch (Exception idpError)
    {
        throw new Exception(
            "Issuing distribution point extension value could not be read.", idpError);
    }

    // 5.2.4 (d): the delta CRL number must be above the complete CRL number.
    // NOTE(review): with no CRL number on the complete CRL both bounds are null;
    // presumably the selector then applies no number constraint - confirm.
    BigInteger minimumDeltaNumber = null;
    if (baseNumber != null)
    {
        minimumDeltaNumber = baseNumber.Add(BigInteger.One);
    }
    selector.MinCrlNumber = minimumDeltaNumber;

    selector.IssuingDistributionPoint = idpEncoding;
    selector.IssuingDistributionPointEnabled = true;

    // 5.2.4 (c)
    selector.MaxBaseCrlNumber = baseNumber;

    // look up the candidates, then keep only real delta CRLs
    ISet candidates = CrlUtilities.FindCrls(selector, paramsPKIX, currentDate);

    ISet deltaCrls = new HashSet();
    foreach (X509Crl candidate in candidates)
    {
        if (!isDeltaCrl(candidate))
        {
            continue;
        }

        deltaCrls.Add(candidate);
    }

    return deltaCrls;
}
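/// <summary>
/// Converts one ASN.1 object into a sub-node or value under <paramref name="root"/>, recursing
/// into sequences, sets and tagged objects.
/// </summary>
/// <param name="name">Name for the new node; when null the runtime type name of <paramref name="obj"/> is used.</param>
/// <param name="root">Parent key that receives the new sub-node or value.</param>
/// <param name="obj">ASN.1 object to convert.</param>
/// <param name="level">Nesting depth; incremented on every recursive call but not otherwise read here.</param>
/// <param name="logger">Receives an error when <paramref name="obj"/> has no dedicated value class.</param>
/// <remarks>
/// NOTE(review): recursion depth follows the nesting of the input, and <paramref name="level"/> is
/// never compared with a limit. If <paramref name="obj"/> is decoded from untrusted data, consider
/// rejecting input beyond a fixed depth so that deeply nested structures cannot exhaust the stack.
/// </remarks>
private void AddAsn1Object(string name, DataKey root, Asn1Object obj, int level, Logger logger)
{
    // NOTE(review): obj is dereferenced unconditionally; confirm that tag.GetObject() below
    // cannot hand back null.
    string currName = name ?? obj.GetType().Name;

    System.Diagnostics.Trace.WriteLine(String.Format("{0} {1}", currName, obj.GetType()));

    Asn1Sequence seq = obj as Asn1Sequence;
    if (seq != null)
    {
        if (Config.IgnoreSequences)
        {
            root.AddValue(currName, obj.GetDerEncoded());
            return;
        }

        DataKey seqKey = new Asn1SequenceKey(currName, Config.NoVerify);
        foreach (Asn1Object child in seq)
        {
            AddAsn1Object(null, seqKey, child, level + 1, logger);
        }

        root.AddSubNode(seqKey);
        return;
    }

    Asn1Set set = obj as Asn1Set;
    if (set != null)
    {
        if (Config.IgnoreSets)
        {
            root.AddValue(currName, obj.GetDerEncoded());
            return;
        }

        DataKey setKey = new Asn1SetKey(currName, Config.NoVerify);
        foreach (Asn1Object child in set)
        {
            AddAsn1Object(null, setKey, child, level + 1, logger);
        }

        root.AddSubNode(setKey);
        return;
    }

    Asn1TaggedObject tag = obj as Asn1TaggedObject;
    if (tag != null)
    {
        if (Config.IgnoreTaggedObjects)
        {
            root.AddValue(currName, obj.GetDerEncoded());
            return;
        }

        // The tagged key is attached before its content is added. The unused locals and the
        // commented-out octet-string unwrapping that used to sit here have been removed.
        DataKey tagKey = new Asn1TaggedObjectKey(currName, tag.TagNo, Config.NoVerify);
        root.AddSubNode(tagKey);
        AddAsn1Object("Object", tagKey, tag.GetObject(), level + 1, logger);
        return;
    }

    if (Config.NoDecode)
    {
        root.AddValue(currName, obj.GetDerEncoded());
        return;
    }

    // The checks below keep their original order. If a type matches more than one of them
    // (for example, should DerBitString derive from DerStringBase), the earlier check must win.
    DerOctetString oct = obj as DerOctetString;
    if (oct != null)
    {
        root.AddValue(new Asn1OctetStringValue(currName, oct.GetOctets()));
        return;
    }

    DerBitString bits = obj as DerBitString;
    if (bits != null)
    {
        root.AddSubNode(new Asn1BitStringKey(currName, bits.PadBits, bits.GetBytes()));
        return;
    }

    DerStringBase str = obj as DerStringBase;
    if (str != null)
    {
        // The value class is the generic Asn1StringValue<> closed over the concrete string type.
        Type stringType = typeof(Asn1StringValue<>).MakeGenericType(str.GetType());
        root.AddValue((DataValue)Activator.CreateInstance(stringType, currName, str.GetString()));
        return;
    }

    DerObjectIdentifier oid = obj as DerObjectIdentifier;
    if (oid != null)
    {
        root.AddValue(new Asn1ObjectIdentifierValue(currName, oid.Id));
        return;
    }

    DerInteger i = obj as DerInteger;
    if (i != null)
    {
        root.AddValue(new Asn1IntegerValue(currName, i.Value.ToByteArray()));
        return;
    }

    DerBoolean boo = obj as DerBoolean;
    if (boo != null)
    {
        root.AddValue(new Asn1BooleanValue(currName, boo.IsTrue));
        return;
    }

    DerNull n = obj as DerNull;
    if (n != null)
    {
        root.AddValue(new Asn1NullValue(currName));
        return;
    }

    DerUtcTime time = obj as DerUtcTime;
    if (time != null)
    {
        root.AddValue(new Asn1DateTimeValue(currName, time.ToDateTime()));
        return;
    }

    DerGeneralizedTime gt = obj as DerGeneralizedTime;
    if (gt != null)
    {
        root.AddValue(new Asn1GeneralizedTimeValue(currName, gt.ToDateTime()));
        return;
    }

    DerApplicationSpecific app = obj as DerApplicationSpecific;
    if (app != null)
    {
        root.AddSubNode(new Asn1ApplicationSpecificValue(currName, app.ApplicationTag, app.GetContents()));
        return;
    }

    // No dedicated value class: report it and keep the raw DER so nothing is lost.
    logger.LogError("Cannot convert type {0} to a class", obj.GetType().Name);
    root.AddValue(currName, obj.GetDerEncoded());
}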
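/// <summary>
/// Selects the delta CRLs that belong to a given complete CRL.
/// </summary>
/// <param name="currentDate">Date passed to the CRL lookup.</param>
/// <param name="paramsPKIX">PKIX parameters passed to the CRL lookup.</param>
/// <param name="completeCRL">Complete CRL for which delta CRLs are wanted.</param>
/// <returns>The CRLs found by the lookup for which <c>isDeltaCrl</c> returns true.</returns>
/// <exception cref="global::System.Exception">
/// Thrown, wrapping the original error, when the issuer, the CRL number extension or the
/// issuing distribution point extension cannot be read from <paramref name="completeCRL"/>.
/// </exception>
/// <remarks>
/// This method only selects candidates; no signature check on the returned CRLs is visible here.
/// The decompiler residue has been cleaned up: the hand-written enumerator loop used
/// <c>get_Current()</c>, which is not valid C#, and is now a <c>foreach</c> (which also disposes
/// the enumerator); the redundant casts and the stray IL comment are gone.
/// </remarks>
internal static ISet GetDeltaCrls(global::System.DateTime currentDate, PkixParameters paramsPKIX, X509Crl completeCRL)
{
    X509CrlStoreSelector x509CrlStoreSelector = new X509CrlStoreSelector();

    // Candidates must name the same issuer as the complete CRL.
    try
    {
        global::System.Collections.IList list = Platform.CreateArrayList();
        list.Add(completeCRL.IssuerDN);
        x509CrlStoreSelector.Issuers = list;
    }
    catch (IOException ex)
    {
        throw new global::System.Exception("Cannot extract issuer from CRL.", ex);
    }

    // CRL number of the complete CRL; stays null when the extension is absent.
    BigInteger bigInteger = null;
    try
    {
        Asn1Object extensionValue = GetExtensionValue(completeCRL, X509Extensions.CrlNumber);
        if (extensionValue != null)
        {
            bigInteger = DerInteger.GetInstance(extensionValue).PositiveValue;
        }
    }
    catch (global::System.Exception ex)
    {
        throw new global::System.Exception("CRL number extension could not be extracted from CRL.", ex);
    }

    // DER encoding of the issuing distribution point; stays null when the extension is absent.
    byte[] issuingDistributionPoint = null;
    try
    {
        Asn1Object extensionValue2 = GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint);
        if (extensionValue2 != null)
        {
            issuingDistributionPoint = extensionValue2.GetDerEncoded();
        }
    }
    catch (global::System.Exception ex)
    {
        throw new global::System.Exception("Issuing distribution point extension value could not be read.", ex);
    }

    // NOTE(review): with no CRL number on the complete CRL both bounds are null; presumably the
    // selector then applies no number constraint. Confirm.
    x509CrlStoreSelector.MinCrlNumber = bigInteger?.Add(BigInteger.One);
    x509CrlStoreSelector.IssuingDistributionPoint = issuingDistributionPoint;
    x509CrlStoreSelector.IssuingDistributionPointEnabled = true;
    x509CrlStoreSelector.MaxBaseCrlNumber = bigInteger;

    ISet set = CrlUtilities.FindCrls(x509CrlStoreSelector, paramsPKIX, currentDate);

    // Keep only the candidates that really are delta CRLs.
    ISet set2 = new HashSet();
    foreach (X509Crl x509Crl in set)
    {
        if (isDeltaCrl(x509Crl))
        {
            set2.Add(x509Crl);
        }
    }

    return set2;
}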